* Remove beta flag in version.json
* Add the new ruleverifier options to the pack command.
* Typos
* Run formatting - no logic changes.
* Update Dependencies
* Refactor tests a bit
* Fix template issue after reformatting. Add missing integrity flags.
* wip checkin
Partial refactor. Requires updated OAT just merged.
* wip checkin
Partial refactor. Requires updated OAT just merged.
* Fix issues with refactored within
* WIP
* Fix inversion in conditions
* Fix regex json rule offset
* Fix off by one
* Validate subclause of within clause.
* Adds Experimental XML path parsing
* Add JSON support for the Structured queries
* Fixes
* Add logging to textcontainer
* Implement XPath and JsonPath for string matching rules.
* Removed unused.
* Fix potential double return.
* Remove unused imports
* Remove redundant and non-cached regex builder
* Null checking
* Nit: Typos in test data
Also move the String clause tests to the correct file.
* Allow specification of both a JsonPath and an XML Path
A user potentially would want to detect a similar pattern at a location inside both an XML and a JSON file, so they can provide separate path specifications for each rather than having two nearly identical rules.
* Adds test case for a rule that targets both Json and XML
* Adds validation for JsonPath and XPath arguments
* Fix#480
Fixes case sensitivity of Enum based arguments
Fixes default Confidence argument not being respected
Fixes severity not being respected
Fixes custom rules not being validated if provided as a directory
Adds new option to skip validation of custom rules
Adds a TextContainer based API for analyze.
* Simplify post validation action
Refactors the RuleSet class to create AbstractRuleSet and TypedRuleSet. Normal usage is not impacted - the RuleSet class can be used as it was previously. Internally, this provides capability to create TypedRuleSets of Rules that have more properties than the ApplicationInspector rules. These properties don't affect rule logic in the processor.
* Adds Support for MustMatch and MustNotMatch fields in rules
Allows for providing a set of values which must match the rule or must not match the rule. If these are present the rules verifier will check them and return errors are usual during validation.
Fixes an issue with some tests.
* Style Changes
* Improve language selection logic
Handles a potential edge case with only DoesNotApplyTo set and "csharp" being an excluded language.
* Remove reference to no-op CLI tests.
* Adds the "does_not_apply_to" parameter for languages
* Adds other types of conditions supported by devskim
OnlyBefore - Condition matches if it occurs anywhere in the same file before the initial match
OnlyAfter - Condition matches if it occurs anywhere in the same file after the initial match
SameFile - Condition matches if it occurs anywhere in the same file, including the original match
* Fixes Pipeline
* Improve test run time
* A change in the App Code to trigger the release pipeline.
Other changes in this PR are to the Pipeline and Tests so will not automatically trigger a build snap. This change should, but doesn't change functionality.
* Update version.json
* Adds Timeout Tests
* Adds Red status for Timeout or failure on progress bar.
* Updates dependencies.
* Fix the processing timeout when progressbar enabled.
* Add backup output of the json object when HTML report is too large.
* Add option for limiting enumeration time per archive and skipping archives
* Better handling for crashes in the HTML writer.
* Fix logging.
* Add test for skipping archives.
* Fix most of logging in Analyze Command
* ConvertTagDiff command
* Finish conversion of Analyze
* Rewrite logging
* Bump version. These changes change API surfaces and CLI arguments.
* More fixes.
* More test improvements
* More test fixes.
* Fix analyze tests
* Incrementally adding tests for untested parameters.
* Fix tests for everything except timeouts in analyze command.
* Add logger factory to the tests. Start on verify rules cmd.
* Refactor VerifyRules + Fix Tests to cover all cases checked for AI rules.
* Remove RulePacker, just embed all rules directly
* Existing nuget tests fixed.
* More fixes. start implementing custom languages and comments.
* Fix#418
* Remove unused examples
Remove old CLI tests
* Generate and publish code coverage in pipeline
* Clean up unused resources.
* Update dotnet-test-job.yml
* Update dotnet-test-job.yml
* Add SeverityLevel option.
* Add applies to filename test
* Add override test
* Update TestAnalyzeCmd.cs
* Tests and refactoring/renaming.
* More tests for malformed within clauses.
* Rename Test folder
Fix pipeline
More withinclause tests
* Improvements
* Fix option parsing
* More test coverage for Languages.cs.
* Refactor. Removing Newtonsoft dependency.
* Re-add support for netcore3.1 to lib
* Support netstandard2.1 instead.
* Refactor and Cleanup
Allows tests to run on netstandard by moving the logoptions to a separate project.
* Fixes for #442 and #443 (#444)
* Update bug report
Co-authored-by: Michael Scovetta <michael.scovetta@microsoft.com>
* Clean up the initial matches if some don't pass later conditions.
Fix#422
* Bump dependencies
* Update tests to confirm new behavior
* Cleans up a bunch of tests that were passing around exit codes instead of using asserts directly on them.
* Change NBGV pipeline to use update command
* Fixed wiki link in README.md
* Update README.md
Fix reference to .net 6.0 while we are editing readme.
* Update JustRunIt.md
Co-authored-by: Gabe Stocco <98900+gfs@users.noreply.github.com>
Gabe Stocco
Michael Scovetta
liyuhang